registry  /  @rein-industries/rein  /  0.1.28

@rein-industries/rein@0.1.28

Control your coding agents (Claude Code, Codex, Gemini, opencode, Grok) from your phone. Installs the rein bridge daemon.

AI Security Review

scanned 3h ago · by lpm-firewall-ai

The postinstall hook obtains an opaque native payload and stores it in the package-local `vendor/` directory. The launcher executes that payload when the user runs `rein`. No source-confirmed credential harvesting, external configuration mutation, or exfiltration exists in the inspected JavaScript.

Static reason
One or more suspicious static signals were detected.
Trigger
npm installation triggers `postinstall`; invoking `rein` triggers execution of `vendor/rein`.
Impact
A compromised or substituted release asset can gain the privileges of the installing or CLI-running user.
Mechanism
remote native payload download, extraction, and later execution
Rationale
The reviewed JavaScript is a package-aligned installer/launcher, but it is an opaque remote native payload carrier whose integrity check trusts the same remote release source. That warrants a warning rather than a malicious block because no concrete malicious action is present in the inspected source.
Evidence
package.jsonscripts/postinstall.mjsbin/rein.jsREADME.mdvendor/rein-<platform>.tar.gzvendor/reinvendor/spawn-helpervendor/.rein-managed-by
Network endpoints1
github.com/rein-industries/rein/releases/download/v<version>

Decision evidence

public snapshot
AI called this Suspicious at 90.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • `package.json` defines a `postinstall` hook.
  • `scripts/postinstall.mjs` downloads a platform-native tarball during installation.
  • Checksum data and executable archive come from the same GitHub release endpoint.
  • `bin/rein.js` executes the downloaded `vendor/rein` binary on CLI use.
  • The archive is unpacked and executables are chmodded in `vendor/`.
Evidence against
  • Source writes only beneath the package's own `vendor/` directory.
  • No source reads credentials, user files, agent configuration, or home directories.
  • No shell interpolation, eval, or remote JavaScript execution is present.
  • The download is version-pinned by default and has a SHA-256 consistency check.
  • Lifecycle failures warn rather than abort installation.
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShell
Supply chain
UrlStrings
Manifest
NoLicense
scanned 2 file(s), 5.92 KB of source, external domains: github.com

Source & flagged code

2 flagged · loading source
package.jsonView file
scripts.postinstall = node scripts/postinstall.mjs
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.postinstall = node scripts/postinstall.mjs
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg

Findings

1 High3 Medium4 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowUrl Strings
LowNo License